Blue Goat Cyber℠ · Medical Device Cybersecurity
    Podcast · Episode 56

    What 15 Years In MedTech Taught This CEO About Cybersecurity with Marc Zemel


    By Christian Espinosa, MBA, CISSP

    Founder & CEO · Blue Goat Cyber


    Key takeaways

    • Retia Medical's Argos Infinity monitor uses advanced algorithms for real-time cardiovascular monitoring to detect life-threatening issues before traditional vital signs change.
    • Cybersecurity is a fundamental requirement for MedTech devices that provide data for life-or-death decisions, and its absence can lead to patient harm and reputational damage.
    • A single cybersecurity breach compromising data integrity can be fatal for patients and irrevocably destroy a medical device company's reputation.
    • The FDA cites cybersecurity deficiencies as the primary reason for medical device submission rejections, underscoring its critical importance for innovators.
    • Embedding cybersecurity into the core design and culture of a medical device company from the outset is essential for patient safety, business survival, and reputation.
    • The evolution from multi-lead ECGs to simpler, app-based monitors demonstrates the rapid and patient-focused innovation in MedTech.
    • Treating cybersecurity as an integral part of the development process, rather than an afterthought, is crucial in the highly regulated medical device industry.

    In this episode of the Med Device Cyber podcast, hosts Trevor Slattery and Christian Espinosa welcome Marc Zemel, the CEO of Retia Medical, to discuss the critical intersection of medical device innovation and cybersecurity, especially from the perspective of a MedTech startup. The conversation centers on the journey of developing a life-saving medical device while navigating the increasingly stringent cybersecurity requirements mandated by regulatory bodies like the FDA. Marc shares the foundational story of Retia Medical, a company born out of the principle that 'necessity is the mother of invention.' He explains how his company developed advanced algorithms to monitor a patient's cardiovascular status in real-time, providing proactive alerts to clinicians. This technology, embodied in their Argos Infinity monitor, can detect severe problems like internal bleeding seconds or even minutes before traditional vital signs, such as blood pressure, begin to drop. This early warning capability is often the difference between life and death in high-risk environments like the operating room or ICU.

    The main argument of the episode revolves around the non-negotiable importance of robust cybersecurity for such critical devices. Marc Zemel emphasizes that when a device's data is used to make life-or-death decisions, its integrity is paramount. He recounts real-world scenarios where their monitor detected severe blood loss before surgeons could visually identify it, allowing for a timely mass transfusion protocol that saved the patient's life. This underscores the catastrophic potential of a security breach; a hacker could manipulate the data, leading clinicians to make tragically incorrect decisions. The hosts reinforce this point by stating that cybersecurity deficiencies are now the number one reason medical device submissions are rejected by the FDA. The discussion concludes that for MedTech innovators, embedding cybersecurity into the core design and culture of the company from the very beginning is essential not only for patient safety but also for the survival and reputation of the business itself.

    Key Takeaways

    • Retia Medical's technology provides proactive cardiovascular monitoring, detecting life-threatening issues like blood loss before traditional vital signs like blood pressure change.

    • For MedTech devices that provide data for life-or-death decisions, cybersecurity is a fundamental requirement, not an optional feature.

    • A single cybersecurity breach that compromises data integrity can be fatal for patients and can irrevocably destroy a medical device company's reputation.

    • Proactive monitoring with advanced algorithms gives clinicians an early warning system, allowing them to intervene and save lives in critical situations where seconds matter.

    • Cybersecurity is the number one reason medical device submissions are rejected by the FDA, making it a critical hurdle for innovators and startups.

    • The evolution from cumbersome, multi-lead ECGs to simple, app-based monitors with a single lead highlights the rapid and patient-focused innovation occurring in the MedTech space.

    • Building a culture of security from the ground up is more effective and essential than treating it as an afterthought, especially in the highly regulated and high-stakes medical device industry.

    Listen on mdcpodcast.com · Watch on YouTube

    Notable quotes

    “When a device's data is used to make life-or-death decisions, its integrity is paramount. A hacker could manipulate the data, leading clinicians to make tragically incorrect decisions.”
    - Marc Zemel
    “Cybersecurity deficiencies are now the number one reason medical device submissions are rejected by the FDA.”
    - Christian Espinosa
    “Embedding cybersecurity into the core design and culture of the company from the very beginning is essential not only for patient safety but also for the survival and reputation of the business itself.”
    - Marc Zemel
